NIS overview Centralized user/password pool Before LDAP. NIS: ypcat passwd reveals shadow password to “John the dictionary cracker”. NIS OK in a trusted.

Presentation transcript:

NIS overview
Centralized user/password pool. Before LDAP. NIS: ypcat passwd reveals shadow password to "John the dictionary cracker". NIS is OK in a trusted system (IAA). Master/slaves working fine. NIS is easy to manage and maintain. Very robust commands for years. Graphics tool (system-config-users) ready.
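To see what a NIS passwd map hands to every client, the following audit classifies the password field of each entry. It is an added example, not part of the original presentation; the sample map, account names and hash strings are constructed, and the function names are hypothetical.

```python
import re

# Constructed sample in passwd(5) format, as `ypcat passwd` prints it.
# Accounts and hash strings are made up for illustration.
SAMPLE_MAP = """\
alice:ab1Cd2Ef3Gh4I:1001:100:Alice:/home/alice:/bin/bash
bob:$1$saltsalt$0123456789abcdefghijkl:1002:100:Bob:/home/bob:/bin/tcsh
carol:x:1003:100:Carol:/home/carol:/bin/bash
dave:*:1004:100:Dave:/home/dave:/bin/false
erin::1005:100:Erin:/home/erin:/bin/bash
"""

DES_RE = re.compile(r"^[./0-9A-Za-z]{13}$")          # traditional crypt(3)
MCF_RE = re.compile(r"^\$([0-9a-z]+)\$")             # $id$salt$hash schemes
MCF_NAMES = {"1": "md5-crypt", "5": "sha256-crypt", "6": "sha512-crypt"}
PLACEHOLDERS = {"x", "*", "!", "!!", "*LK*", "NP"}   # no usable hash in the map

def classify(field):
    """Name what the second passwd field exposes to any NIS client."""
    if field == "":
        return "empty-password"
    if field in PLACEHOLDERS:
        return "no-hash"
    if DES_RE.match(field):
        return "des-crypt"
    m = MCF_RE.match(field)
    if m:
        return MCF_NAMES.get(m.group(1), "crypt-id-" + m.group(1))
    return "unknown"

def audit(map_text):
    """Return {user: classification} for every well-formed map entry."""
    findings = {}
    for line in map_text.splitlines():
        parts = line.split(":")
        if len(parts) != 7 or line[:1] in "+-":
            continue  # skip malformed lines and +/- compat entries
        findings[parts[0]] = classify(parts[1])
    return findings

def exposed_users(findings):
    """Accounts whose hash (or lack of a password) is readable in the map."""
    return sorted(u for u, kind in findings.items() if kind != "no-hash")

if __name__ == "__main__":
    for user, kind in audit(SAMPLE_MAP).items():
        print(f"{user}: {kind}")
```

Entries reported as des-crypt or md5-crypt are the ones most worth moving behind an access-controlled store first.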

Why LDAP after all the good ol' years
OpenLDAP (Lightweight Directory Access Protocol) ready on Linux/Solaris. Subset of the complex X.500 protocol. Sun ONE, Microsoft AD, Novell eDirectory, Linux OpenLDAP. Centralized database of information. Database backends to choose from. User rights authorization. ACL for password. Management GUIs (LDAP Administrator ($$$), phpLDAPadmin, ldapbrowser (tiara/hilo)) fine. Must use crypt as the password hash function. /etc/* migration tools ready. slapd/slurpd (master/slave) structure, as in NIS. Solaris native LDAP client support is buggy; recompile the OpenLDAP client on Sun.

Applications support for LDAP
PKI: an introduction. Self-signed CA. OpenLDAP plus openradius for wireless LAN and VPN authentication. Single sign-on power. (revolution, etc) address book lookup and authentication. Web user sign-on. Printer name/IP. Automount. LDAPS: TLS/SSL provides strong security (the client can also use a certificate to identify itself). Default is cleartext!
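Because the default transport is cleartext, a client configuration is worth checking before accounts move over. The following check is an added example, not part of the original presentation: it reads an OpenLDAP client ldap.conf and reports cleartext URIs, relaxed certificate checking and a missing CA. Host names, file paths and function names are constructed, and it assumes the self-signed site CA is distributed as a file rather than through a system trust store.

```python
# Constructed OpenLDAP client configs (ldap.conf); hosts and paths are placeholders.
WEAK_CONF = """\
BASE    dc=example,dc=org
URI     ldap://ldap1.example.org ldap://ldap2.example.org
TLS_REQCERT never
"""
HARDENED_CONF = """\
BASE    dc=example,dc=org
URI     ldaps://ldap1.example.org ldaps://ldap2.example.org
TLS_CACERT  /etc/openldap/certs/site-ca.pem
TLS_REQCERT demand
"""

def parse(conf_text):
    """Parse 'OPTION value' lines; option names are case-insensitive."""
    opts = {}
    for raw in conf_text.splitlines():
        fields = raw.split(None, 1)
        if len(fields) == 2 and not fields[0].startswith("#"):
            opts[fields[0].upper()] = fields[1].strip()
    return opts

def check(conf_text):
    """Return a list of transport-security findings for one ldap.conf."""
    opts = parse(conf_text)
    findings = []
    for uri in opts.get("URI", "").split():
        if uri.lower().startswith("ldap://"):
            findings.append(f"{uri}: cleartext unless the client issues StartTLS")
    # 'never' and 'allow' let the session proceed with a bad server certificate.
    reqcert = opts.get("TLS_REQCERT", "demand").lower()
    if reqcert in ("never", "allow"):
        findings.append(f"TLS_REQCERT {reqcert}: server certificate not enforced")
    # Assumption: the site CA is self-signed and must be named in the config.
    if "TLS_CACERT" not in opts and "TLS_CACERTDIR" not in opts:
        findings.append("no TLS_CACERT/TLS_CACERTDIR: site CA not configured")
    return findings

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("hardened", HARDENED_CONF)):
        print(name, check(conf) or "ok")
```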

Windows/Mac users
Do we really need it? Active Directory seems better suited for M$. LDAP for Mac OK. Add-on application pGina to talk to the LDAP server. Samba as public domain controller. Popular among "poor" MIS units. Account transition tools to OpenLDAP accounts ready. Needs to create all new accounts.

Plan
Coexist with NIS servers for current uids for a transition period. LDAP is I/O bound, not CPU intensive. Araid 2600 for OS/data, plus a slave. AD for MS Windows. Environment mature. OpenLDAP HA (highly available)? LDAP is very complicated. Learn by doing.